Imperva Cyber Community

Hi,

I would like to know the experience in configuring splunk siem onprem to cloud waf integration. Couple of questions;

1.the incapsula.spl , can this be modified or just load it to the splunk and no further configurations needed? 

2.what is the firewall requirements, port, services eg: between splunk inbound / outbound to cwaf management console url.

3. do i need to enable manually the enabled the WAF Log Levels in each enrolled websites? by default it is Disabled.

more power to imperva.

tia,

A

#CloudWAF(formerlyIncapsula)

------------------------------
[Leangf]
------------------------------

Hello Angfe, 

Please find information regarding steps for Cloud WAF Log integration here: https://docs.imperva.com/bundle/cloud-application-security/page/settings/log-integration.htm

You can find the instructions for installing the Splunk package here: https://docs.imperva.com/bundle/cloud-application-security/page/more/siem-package.htm

Thank you,

------------------------------
Sandra Palma Pico
Manager, Customer Success, Cala
MO
------------------------------

Original Message:
Sent: 07-18-2023 03:49
From: Angfe Landagan
Subject: Splunk on-prem integration to cloud waf

Hi,

I would like to know the experience in configuring splunk siem onprem to cloud waf integration. Couple of questions;

1.the incapsula.spl , can this be modified or just load it to the splunk and no further configurations needed? 

2.what is the firewall requirements, port, services eg: between splunk inbound / outbound to cwaf management console url.

3. do i need to enable manually the enabled the WAF Log Levels in each enrolled websites? by default it is Disabled.

more power to imperva.

tia,

A

#CloudWAF(formerlyIncapsula)

------------------------------
[Leangf]
------------------------------